<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008C3jWRSAZOkta Classic EngineOkta Integration NetworkAnswered2024-04-30T09:18:25.000Z2018-02-08T17:34:15.000Z2019-11-01T16:47:06.000Z

SandeepM.86202 (Customer) asked a question.

Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:19 AM
Cannot upload Signature Certificate (SAML Logout)
Hello,

I am trying to test Single Logout (SLO) for SAML, I can see my SAML request in the logs but I am getting "Issuer does not match" error. When, I try to upload a certificate (in PEM or DER format) I get a failure message "The filename is invalid or missing" I can see that the file is not missing (and attached) about the file names, I tried multiple names nothing works. I could not find any documentation on what format the certificate should be and the expected file name. Funny thing is I was able to upload a certificate earlier !

Any help would be greatly appreciated.
  • 10 answers
  • 4.56K views
j5v7c likes this.

  • evan.alter1.4865287258752158E12 (Okta, Inc.)

    Sandeep -

    What was the format of the earlier signature? How was the new signature created?

     

    Both PEM and CER certificate formats are supported.

     

    Evan
    Expand Post

  • SandeepM.86202 (Customer)

    Thanks for responding Evan ! I was using PEM format. 

    After a lot of wasted time turns out the issue was my browser, to be specific Opera (50.0.2762.67 MacOSX).

    Using Safari worked. Okta admin page did not give any indication indication there was a failure with Opera. 

    Anyways, I was finally able to upload the certs and successfully test SAML Single Logout. 

     

    Thanks !

    Sandeep
    Expand Post

  • AbhijitP.86707 (Customer)

    Hi Sandeep, I stuck in the SAML logout part. Basically, we have configured required things in the OKTA regarding logout. We have uploaded same certificate which OKTA has given. But, after logout from the OKTA, we are not getting logout from the application. Can you help us regarding the same?

  • SandeepM.86202 (Customer)

    Generally Okta logs are pretty good about telling you what's wrong.

  • evan.alter1.4865287258752158E12 (Okta, Inc.)

    Good news, Sandeep. Thanks for letting us know.

     

    Evan Alter

    Okta Customer Support

  • evan.alter1.4865287258752158E12 (Okta, Inc.)

    Sandeep -

    Although Opera is a great browser, it is not officially supported on Okta. That does not mean it will never work, but it does mean that we cannot guarantee that it will always work.

     

    Platforms, Browser, and OS Support

    https://support.okta.com/help/Documentation/Knowledge_Article/Platforms-Browser-and-OS-Support-349761608

     

    Thanks.

     

    Evan Alter

    Okta Customer Support
    Expand Post

  • j5v7c (j5v7c)

    Hello,

     

    Thanks for posting your inquiry in Okta Community Portal.

     

    ​If you receive a great answer to your question(s), please help readers find it by marking it the best answer. Hover over the answer and click "Best Answer." 

     

    Thank you,

     

    ​Dylann Fezeu

    Okta Help Center Team
    Expand Post

  • 9hoza (9hoza)

    Hi all, I got the same issue with uploading Signature Certificate. Can anyone tell me what is the "Signature Certificate" in single logout and what is its purpose? As I think, "Signature Certificate" is the public key of Service Provider which have uploaded on Single Sign-On configuration. in other think, it's the public key of CA which we use to generate the public key?

     

    Thank you all.
    Expand Post

  • hdv80 (hdv80)

    On uploading the certificate in Cer and Pem format . Getting below error . Please sugget

    There was an error reading the certificate file: Could not parse certificate: java.io.IOException: Empty input

    The filename is invalid or missing

  • WalterL.93831 (Customer)

    @AdminShashank Dubey

     

    I was able to workaround the issue by providing a cert with header information. okta did not like a cert in string format, but uploaded fine when headers were inserted. You can find online tools to insure the cert is formatted properly.

     

    Header info:

    -----BEGIN CERTIFICATE-----

    -----END CERTIFICATE-----

    Expand Post
This question is closed.
Loading
Cannot upload Signature Certificate (SAML Logout)